package org.dydl.common.security;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.dydl.common.security.impl.AuthTokenGeneratorService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.security.authentication.AbstractAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.stereotype.Service;

@Service
public class TokenAuthenticationService {

	protected final Log logger = LogFactory.getLog(getClass());

	private static final String HEADER_SECURITY_TOKEN = "X-AuthToken";

//	@Value("${auth.success.url}")
	private String defaultTargetUrl = "/auth/success";

	@Autowired
	private AuthTokenGeneratorService authTokenGeneratorService;

	// @Autowired
	// private IAuthTokenService authTokenService;

	// @Autowired
	// private UserDetailsService userDetailsService;

	public void addAuthentication(HttpServletResponse response, UserAuthentication authentication) {

		final String authToken = authTokenGeneratorService.generateToken(authentication);

		response.addHeader(HEADER_SECURITY_TOKEN, authToken);
		// request.getRequestDispatcher(defaultTargetUrl).forward(request, response);
	}

	public Authentication getAuthentication(HttpServletRequest request) {

		final String token = request.getHeader(HEADER_SECURITY_TOKEN);
		AbstractAuthenticationToken userAuthenticationToken = null;
		userAuthenticationToken = authenticateByToken(token);

		if (userAuthenticationToken != null) {

			if (userAuthenticationToken.getDetails() instanceof UserContext) {

				final UserContext user = (UserContext) userAuthenticationToken.getDetails();
				if (user != null) {
					return new UserAuthentication(user);
				}
			}

		}
		return null;

	}

	/**
	 * authenticate the user based on token
	 * 
	 * @return
	 */
	private AbstractAuthenticationToken authenticateByToken(String token) {
		if (null == token) {

			return null;
		}

		AbstractAuthenticationToken authToken = null;

		try {
			// String[] tokens = authTokenGeneratorService.decode(token);

			// AuthToken tokenEntry = (AuthToken) authTokenService.findUserByTokenAndSeries(
			// tokens[0], tokens[1]).getData();
			// if (null == tokenEntry) {
			// return null;
			// }

			// UserContext securityUser = new UserContext(
			// tokenEntry.getUser());

			// authToken = new UsernamePasswordAuthenticationToken(
			// securityUser.getUsername(), "",
			// securityUser.getAuthorities());
			// authToken = new UsernamePasswordAuthenticationToken(
			// securityUser.getUsername(), securityUser.getPassword(),
			// securityUser.getAuthorities() );
			//
			// authToken.setDetails(securityUser);

		} catch (Exception ex) {
			logger.error("Failed to authenticate user for token" + token + "{ }", ex);
		}

		return authToken;
	}

}
